Proprietary Surveillance

Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; that is the
basic injustice. The developers often exercise that power to the
detriment of the users they ought to serve.

This document attempts to
track clearly established cases of proprietary software that
spies on or tracks users.

Introduction

For decades, the Free Software movement has been denouncing the
abusive surveillance machine of
proprietary software
companies such as
Microsoft
and
Apple.
In the recent years, this tendency to watch people has spread across
industries, not only in the software business, but also in the
hardware. Moreover, it also spread dramatically away from the
keyboard, in the mobile computing industry, in the office, at home, in
transportation systems, and in the classroom.

Aggregate or anonymized data

Many companies, in their privacy policy, have a clause that claims
they share aggregate, non-personally identifiable information with
third parties/partners. Such claims are worthless, for several
reasons:

They could change the policy at any time.

They can twist the words by distributing an “aggregate” of
“anonymized” data which can be reidentified and attributed to
individuals.

The raw data they don't normally distribute can be taken by
data breaches.

The raw data they don't normally distribute can be taken by
subpoena.

Therefore, we must not be distracted by companies' statements of
they will do with the data they collect. The wrong is that
they collect it at all.

A downgrade to Windows 10 deleted surveillance-detection
applications. Then another downgrade inserted a general spying
program. Users noticed this and complained, so Microsoft
renamed it
to give users the impression it was gone.

It also demonstrates how you can't trust proprietary software,
because even if today's version doesn't have a malicious
functionality, tomorrow's version might add it. The developer won't
remove the malfeature unless many users push back hard, and the users
can't remove it themselves.

Spyware in Android

Google did not intend to make these apps spy; on the contrary, it
worked in various ways to prevent that, and deleted these apps
after discovering what they did. So we cannot blame Google
specifically for the snooping of these apps.

On the other hand, Google redistributes nonfree Android apps, and
therefore shares in the responsibility for the injustice of their
being nonfree. It also distributes its own nonfree apps, such as
Google
Play, which
are malicious.

Could Google have done a better job of preventing apps from
cheating? There is no systematic way for Google, or Android
users, to inspect executable proprietary apps to see what they
do.

Google could demand the source code for these apps, and study the
source code somehow to determine whether they mistreat users in
various ways. If it did a good job of this, it could more or less
prevent such snooping, except when the app developers are clever
enough to outsmart the checking.

But since Google itself develops malicious apps, we cannot trust
Google to protect us. We must demand release of source code to the
public, so we can depend on each other.

A
research paper that investigated the privacy and security
of 283 Android VPN apps concluded that “in spite of the
promises for privacy, security, and anonymity given by the
majority of VPN apps—millions of users may be unawarely subject
to poor security guarantees and abusive practices inflicted by
VPN apps.”

Following is a non-exhaustive list of proprietary VPN apps from
the research paper that tracks and infringes the privacy of
users:

SurfEasy

Includes tracking libraries such as NativeX and Appflood,
meant to track users and show them targeted ads.

sFly Network Booster

Requests the READ_SMS and SEND_SMS
permissions upon installation, meaning it has full access to
users' text messages.

DroidVPN and TigerVPN

Requests the READ_LOGS permission to read logs
for other apps and also core system logs. TigerVPN developers
have confirmed this.

HideMyAss

Sends traffic to LinkedIn. Also, it stores detailed logs
and may turn them over to the UK government if
requested.

VPN Services HotspotShield

Injects JavaScript code into the HTML pages returned to the
users. The stated purpose of the JS injection is to display
ads. Uses roughly 5 tracking libraries. Also, it redirects the
user's traffic through valueclick.com (an advertising
website).

WiFi Protector VPN

Injects JavaScript code into HTML pages, and also uses
roughly 5 tracking libraries. Developers of this app have
confirmed that the non-premium version of the app does
JavaScript injection for tracking and display ads.

A study in 2015 found that 90% of the top-ranked gratis
proprietary Android apps contained recognizable tracking libraries. For
the paid proprietary apps, it was only 60%.

The article confusingly describes gratis apps as “free”,
but most of them are not in fact
free software.
It also uses the ugly word “monetize”. A good replacement
for that word is “exploit”; nearly always that will fit
perfectly.

Merely asking the “consent” of users is not enough
to legitimize actions like this. At this point, most users have
stopped reading the “Terms and Conditions” that spell out
what they are “consenting” to. Google should clearly
and honestly identify the information it collects on users, instead
of hiding it in an obscurely worded EULA.

However, to truly protect people's privacy, we must prevent Google
and other companies from getting this personal information in the first
place!

Even if you disable Google Maps and location tracking, you must
disable Google Play itself to completely stop the tracking. This is
yet another example of nonfree software pretending to obey the user,
when it's actually doing something else. Such a thing would be almost
unthinkable with free software.

The article should not have described these apps as
“free”—they are not free software. The clear way to say
“zero price” is “gratis.”

The article takes for granted that the usual analytics tools are
legitimate, but is that valid? Software developers have no right to
analyze what users are doing or how. “Analytics” tools that snoop are
just as wrong as any other snooping.

Spyware in iThings

In the latest iThings system, “turning off” WiFi and Bluetooth the
obvious way
doesn't really turn them off.
A more advanced way really does turn them off—only until 5am.
That's Apple for you—“We know you want to be spied on”.

Apple proposes
a fingerprint-scanning touch screen
— which would mean no way to use it without having your fingerprints
taken. Users would have no way to tell whether the phone is snooping on
them.

According to Edward Snowden,
agencies can take over smartphones
by sending hidden text messages which enable them to turn the phones
on and off, listen to the microphone, retrieve geo-location data from the
GPS, take photographs, read text messages, read call, location and web
browsing history, and read the contact list. This malware is designed to
disguise itself from investigation.

Samsung phones come with
apps that users can't delete,
and they send so much data that their transmission is a
substantial expense for users. Said transmission, not wanted or
requested by the user, clearly must constitute spying of some
kind.

Currently, the app is
being pre-installed on only one phone, and the
user must explicitly opt-in before the app takes effect. However, the
app remains spyware—an “optional” piece of spyware is
still spyware.

The FTC criticized this app because it asked the user to
approve sending personal data to the app developer but did not
ask about sending it to other companies. This shows the
weakness of the reject-it-if-you-dislike-snooping
“solution” to surveillance: why should a flashlight
app send any information to anyone? A free software flashlight
app would not.

Those toys also contain major security vulnerabilities; crackers
can remotely control the toys with a mobile phone. This would
enable crackers to listen in on a child's speech, and even speak
into the toys themselves.

The app was reporting the temperature of the vibrator minute by
minute (thus, indirectly, whether it was surrounded by a person's
body), as well as the vibration frequency.

Note the totally inadequate proposed response: a labeling
standard with which manufacturers would make statements about
their products, rather than free software which users could have
checked and changed.

The company's statement that it was anonymizing the data may be
true, but it doesn't really matter. If it had sold the data to a
data broker, the data broker would have been able to figure out
who the user was.

That's easy to do because the system has no authentication when
accessed through the modem. However, even if it asked for
authentication, you couldn't be confident that Nissan has no
access. The software in the car is
proprietary, which
means it demands blind faith from its users.

Even if no one connects to the car remotely, the cell phone
modem enables the phone company to track the car's movements all
the time; it is possible to physically remove the cell phone modem
though.

The case of toll-collection systems, mentioned in this article, is not
really a matter of proprietary surveillance. These systems are an
intolerable invasion of privacy, and should be replaced with anonymous
payment systems, but the invasion isn't done by malware. The other
cases mentioned are done by proprietary malware in the car.

Tesla cars allow the company to extract data remotely and
determine the car's location at any time. (See
Section 2, paragraphs b and c.). The company says it doesn't
store this information, but if the state orders it to get the data
and hand it over, the state can store it.

Spyware at Home

Today's technological practice does not include any way of
making a device that can obey your voice commands without
potentially spying on you. Even if it is air-gapped, it could be
saving up records about you for later examination.

Spyware in TV Sets

Emo Phillips made a joke: The other day a woman came up to me and
said, “Didn't I see you on television?” I said, “I
don't know. You can't see out the other way.” Evidently that was
before Amazon “smart” TVs.

This shows that laws requiring products to get users' formal
consent before collecting personal data are totally inadequate.
And what happens if a user declines consent? Probably the TV
will say, “Without your consent to tracking, the TV will
not work.”

Proper laws would say that TVs are not allowed to report what
the user watches — no exceptions!

It is possible to turn this off, but having it enabled by default
is an injustice already.

Tivo's alliance with Viacom adds 2.3 million households to
the 600 millions social media profiles the company already
monitors. Tivo customers are unaware they're being watched by
advertisers. By combining TV viewing information with online
social media participation, Tivo can now correlate TV
advertisement with online purchases, exposing all users to
new combined surveillance by default.

Some web and TV advertisements play inaudible sounds to be
picked up by proprietary malware running on other devices in
range so as to determine that they are nearby. Once your
Internet devices are paired with your TV, advertisers can
correlate ads with Web activity, and
other cross-device tracking.

Spyware in
LG “smart” TVs reports what the user watches, and
the switch to turn this off has no effect. (The fact that the
transmission reports a 404 error really means nothing; the server
could save that data anyway.)

The suit accuses that this was done without the users' consent.
If the fine print of the app said that users gave consent for this,
would that make it acceptable? No way! It should be flat out
illegal to design the app to snoop at all.